diff options
| author | Willem van Bergen <willem@vanbergen.org> | 2011-09-15 14:27:12 -0400 |
|---|---|---|
| committer | Willem van Bergen <willem@vanbergen.org> | 2011-09-15 14:27:12 -0400 |
| commit | 41fea0334232824d5d509a6924e8c8487d53494b (patch) | |
| tree | 429ec14cdbd47d7f497b08fd2cade404c3395bc9 /activesupport/lib | |
| parent | 2d30d4cb888e2da7c1f0a8828b467d2e21c90cfa (diff) | |
| download | rails-41fea0334232824d5d509a6924e8c8487d53494b.tar.gz rails-41fea0334232824d5d509a6924e8c8487d53494b.tar.bz2 rails-41fea0334232824d5d509a6924e8c8487d53494b.zip | |
Use an options hash to specify digest/cipher algorithm and a serializer for MessageVerifier and MessageEncryptor.
Diffstat (limited to 'activesupport/lib')
| -rw-r--r-- | activesupport/lib/active_support/message_encryptor.rb | 17 | ||||
| -rw-r--r-- | activesupport/lib/active_support/message_verifier.rb | 17 |
2 files changed, 20 insertions, 14 deletions
diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb index 66e121be26..7637cfe2b0 100644 --- a/activesupport/lib/active_support/message_encryptor.rb +++ b/activesupport/lib/active_support/message_encryptor.rb @@ -13,12 +13,15 @@ module ActiveSupport class InvalidMessage < StandardError; end OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError - attr_accessor :serializer - - def initialize(secret, cipher = 'aes-256-cbc', serializer = Marshal) + def initialize(secret, options = {}) + unless options.is_a?(Hash) + ActiveSupport::Deprecation.warn "The second parameter should be an options hash. Use :cipher => 'algorithm' to sepcify the cipher algorithm." + options = { :cipher => options } + end + @secret = secret - @cipher = cipher - @serializer = serializer + @cipher = options[:cipher] || 'aes-256-cbc' + @serializer = options[:serializer] || Marshal end def encrypt(value) @@ -30,7 +33,7 @@ module ActiveSupport cipher.key = @secret cipher.iv = iv - encrypted_data = cipher.update(serializer.dump(value)) + encrypted_data = cipher.update(@serializer.dump(value)) encrypted_data << cipher.final [encrypted_data, iv].map {|v| ActiveSupport::Base64.encode64s(v)}.join("--") @@ -47,7 +50,7 @@ module ActiveSupport decrypted_data = cipher.update(encrypted_data) decrypted_data << cipher.final - serializer.load(decrypted_data) + @serializer.load(decrypted_data) rescue OpenSSLCipherError, TypeError raise InvalidMessage end diff --git a/activesupport/lib/active_support/message_verifier.rb b/activesupport/lib/active_support/message_verifier.rb index 0181070479..57317028fc 100644 --- a/activesupport/lib/active_support/message_verifier.rb +++ b/activesupport/lib/active_support/message_verifier.rb @@ -26,12 +26,15 @@ module ActiveSupport class MessageVerifier class InvalidSignature < StandardError; end - attr_accessor :serializer - - def initialize(secret, digest = 'SHA1', serializer = Marshal) + def initialize(secret, options = {}) + unless options.is_a?(Hash) + ActiveSupport::Deprecation.warn "The second parameter should be an options hash. Use :digest => 'algorithm' to sepcify the digest algorithm." + options = { :digest => options } + end + @secret = secret - @digest = digest - @serializer = serializer + @digest = options[:digest] || 'SHA1' + @serializer = options[:serializer] || Marshal end def verify(signed_message) @@ -39,14 +42,14 @@ module ActiveSupport data, digest = signed_message.split("--") if data.present? && digest.present? && secure_compare(digest, generate_digest(data)) - serializer.load(ActiveSupport::Base64.decode64(data)) + @serializer.load(ActiveSupport::Base64.decode64(data)) else raise InvalidSignature end end def generate(value) - data = ActiveSupport::Base64.encode64s(serializer.dump(value)) + data = ActiveSupport::Base64.encode64s(@serializer.dump(value)) "#{data}--#{generate_digest(data)}" end |